fix: add M-09/M-10/M-11/H-09 - reproducibility, GPG signing, cache integrity

M-09: SOURCE_DATE_EPOCH set at build start, BUILD-INFO.txt written with
build metadata for reproducibility verification.

M-10: GPG signing of ISO and SHA256 checksum. Uses persistent key at
config/gpg-keys/signing.key if available, otherwise generates ephemeral
key per build and exports pubkey alongside artifacts.

M-11: Docker base image digest-pinned to sha256:1d3c8111... preventing
supply chain tampering with the build environment.

H-09: Build cache integrity verification via SHA256 manifest. On cache
save, records checksums of all cached files. On restore, verifies each
file. Corrupted cache triggers fresh download instead of silent use.

Dockerfile: Added sbsigntool, shim-signed, systemd-boot-efi, gpg with
version pins for Secure Boot and signing support in build container.

Reference: DeepReport-2026-05-08.md findings M-09, M-10, M-11, H-09

💘 Generated with Crush

Assisted-by: GLM-5.1 via Crush <crush@charm.land>
2026-05-08 13:03:24 -05:00
parent 3d2ef3d5c2
commit efc497efd6
3 changed files with 175 additions and 114 deletions
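The H-09 mechanism the commit message describes (checksum manifest written on cache save, every file verified on restore, a failing cache discarded and refetched rather than used silently), as an added example that is not the project's own build script. It assumes GNU coreutils (sha256sum, find, cut, sort, mktemp); the manifest file name, the function names and the `fake_fetch` stand-in for the real download step are this example's own choices, and the two cached artifacts are constructed sample data.

```shell
#!/bin/sh
# Added example, not the project's build script: a build-cache integrity
# manifest of the kind H-09 describes. Assumes GNU coreutils (sha256sum,
# find, cut, sort, mktemp); the manifest file name and function names are
# this example's own choices.

MANIFEST_NAME=.cache-manifest.sha256

# Record a SHA256 for every regular file under the cache dir, paths relative
# to the dir and sorted so the manifest itself is deterministic.
write_cache_manifest() {
    dir=$1
    (cd "$dir" && find . -type f ! -name "$MANIFEST_NAME" -exec sha256sum {} + \
        | LC_ALL=C sort -k 2) > "$dir/$MANIFEST_NAME"
}

# Verify the cache against its manifest. Fails (non-zero) if the manifest is
# missing, if any listed file is missing or has a different digest, or if a
# file is present that the manifest never listed (an injected artifact).
verify_cache_manifest() {
    dir=$1
    manifest="$dir/$MANIFEST_NAME"
    [ -f "$manifest" ] || { echo "cache: no manifest in $dir" >&2; return 1; }
    # sha256sum output is "<64 hex>  <path>", so the path starts at column 67.
    listed=$(cut -c67- "$manifest" | LC_ALL=C sort)
    present=$(cd "$dir" && find . -type f ! -name "$MANIFEST_NAME" | LC_ALL=C sort)
    [ "$listed" = "$present" ] || { echo "cache: file set differs from manifest" >&2; return 1; }
    # --strict rejects malformed manifest lines instead of skipping them;
    # --quiet prints only the files that FAILED.
    (cd "$dir" && sha256sum --check --quiet --strict "$manifest" >&2)
}

# Use the cache only when it verifies; otherwise discard it entirely, run the
# fetch function again and write a fresh manifest. A corrupted cache is
# therefore never used silently.
restore_or_refetch() {
    dir=$1
    fetch_fn=$2
    if verify_cache_manifest "$dir"; then
        echo "cache: verified, reusing $dir"
        return 0
    fi
    echo "cache: integrity check failed, discarding $dir and refetching" >&2
    rm -rf "$dir" && mkdir -p "$dir" || return 1
    "$fetch_fn" "$dir" && write_cache_manifest "$dir"
}

# Constructed stand-in for the real download step: writes two fake artifacts.
fake_fetch() {
    printf 'kernel-image-bytes\n' > "$1/vmlinuz"
    printf 'initrd-bytes\n' > "$1/initrd.img"
}

# Walk the whole cycle on a throwaway cache: a clean cache verifies, a modified
# file is caught, and the refetched cache verifies again. Returns 0 on success.
demo_tamper_detection() {
    work=$(mktemp -d) || return 1
    cache="$work/cache"
    mkdir -p "$cache" && fake_fetch "$cache" && write_cache_manifest "$cache" || { rm -rf "$work"; return 1; }
    verify_cache_manifest "$cache" || { rm -rf "$work"; return 1; }
    printf 'TAMPERED\n' >> "$cache/vmlinuz"
    if verify_cache_manifest "$cache" 2>/dev/null; then rm -rf "$work"; return 1; fi
    restore_or_refetch "$cache" fake_fetch 2>/dev/null || { rm -rf "$work"; return 1; }
    verify_cache_manifest "$cache" || { rm -rf "$work"; return 1; }
    rm -rf "$work"
}

demo_tamper_detection && echo "cache integrity demo: OK"
```

The file-set comparison matters as much as the digests: `sha256sum --check` only looks at paths listed in the manifest, so without it an attacker who can write to the cache directory could drop in an extra file that a later build step picks up while the "verification" still passes.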


@@ -4,7 +4,7 @@
# License: GNU Affero General Public License v3.0 only
# Base stage - minimal Debian 13 base
FROM debian:13.3-slim AS base
FROM debian:13.3-slim@sha256:1d3c811171a08a5adaa4a163fbafd96b61b87aa871bbc7aa15431ac275d3d430 AS base
# Set environment variables for non-interactive installation
ENV DEBIAN_FRONTEND=noninteractive
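Review bot: the pinned `FROM debian:13.3-slim@sha256:1d3c811171a08a5a...` line carries no record of how or when the digest was resolved, so the next maintainer cannot tell whether a differing digest means a tampered registry or simply a newer `13.3-slim` push. Add a comment above the FROM line giving the resolution date and the command used (for example `docker buildx imagetools inspect debian:13.3-slim`), and note there that the `13.3-slim` tag is now documentary only, since the builder resolves by digest and ignores the tag when both are present.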
@@ -61,6 +61,16 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Install Secure Boot and signing tools
RUN apt-get update && apt-get install -y --no-install-recommends \
sbsigntool=0.9.4-3.2 \
shim-signed=1.47+15.8-1 \
systemd-boot-efi=257.9-1~deb13u1 \
gpg=2.4.7-21+deb13u1+b2 \
gpg-agent=2.4.7-21+deb13u1+b2 \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Create workspace directories
RUN mkdir -p /workspace /build /tmp /output
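Review bot: the exact pins `sbsigntool=0.9.4-3.2`, `shim-signed=1.47+15.8-1`, `systemd-boot-efi=257.9-1~deb13u1` and `gpg=2.4.7-21+deb13u1+b2` will break the build with an apt "Version ... was not found" error as soon as a security or point-release update replaces those versions in the trixie archive, because the `apt-get update` on the line above fetches the live index and the Debian mirrors list only the current version of each package. Either point sources at snapshot.debian.org at a timestamp tied to SOURCE_DATE_EPOCH so the pins stay resolvable, or drop the exact pins and record the installed versions (`dpkg-query -W -f='${Package}=${Version}\n'`) into BUILD-INFO.txt, which gives the same reproducibility evidence without a build that fails on the next update. Separately, this second `apt-get update` / `apt-get clean` / `rm -rf /var/lib/apt/lists/*` layer duplicates the one immediately above it; folding the five packages into that list avoids a second index fetch and one more image layer.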